﻿<?php 
$v_idea_id = $_REQUEST['hdn_idea_id'];
$v_record_id = 0;
if(isset($_REQUEST['hdn_record_id'])){
	$v_record_id = intval($_REQUEST['hdn_record_id']);
}
//ID nguoi co y kien
$v_suggester_id = _get_item_attr_by_id($_SESSION['arr_all_staff'],$_SESSION['staff_id'],'id');
$v_date= _ddmmyyyy_to_yyyymmdd($_REQUEST['txt_date']);
$v_content =  _replace_bad_char($_REQUEST['txt_content']);
$v_file_id = "";	
$v_new_file_id_list = "";
//CSDL SQL
if(_is_sqlserver()){
	$v_form_field = 'file_attach';
	if (isset($_FILES[$v_form_field]['tmp_name'])){
                $v_record_idea_ = $v_idea_id;
		if($v_idea_id==0||$v_idea_id==''||empty($v_idea_id)){
		$sql = "SELECT MAX(PK_IDEA) AS NEW_IDEA FROM dbo.T_ONEGATE_IDEA";
		$result = mssql_query($sql,$conn);
		$rs = mssql_fetch_array($result);
		$v_record_idea_ = $rs['NEW_IDEA']+1;
                }

		$v_filename = $v_record_id.'_'.$v_record_idea_.'_idea_'._replace_bad_char(trim($_FILES[$v_form_field]['name']));
		$v_tmp_filename = trim($_FILES[$v_form_field]['tmp_name']);
		$v_file_id = 0;
		if ($v_tmp_filename!="" and !is_null($v_tmp_filename)){
			_copy_file($v_tmp_filename, _CONST_LEVEL2_ATTACH_FILE_PATH_FROM_CURRENT.$v_filename);
			if ($v_new_file_id_list ==""){
				$v_new_file_id_list = _save_file_to_database('T_TEMP_FILE', 'C_FILE_NAME', 'C_FILE_CONTENT', _CONST_LEVEL2_ATTACH_FILE_PATH_FROM_CURRENT.$v_filename);
			}else{			
				$v_new_file_id_list = $v_new_file_id_list . ",". _save_file_to_database('T_TEMP_FILE', 'C_FILE_NAME', 'C_FILE_CONTENT', _CONST_LEVEL2_ATTACH_FILE_PATH_FROM_CURRENT.$v_filename);
			}	
		}	
	}
	$v_content_id = _save_text_to_database('T_TEMP_FILE', 'C_TEXT', $v_content);
	$sql = "Exec Onegate_IdeaUpdate " ;
	$sql = $sql . $v_idea_id;
	$sql = $sql . "," . $v_record_id ;
	$sql = $sql . "," . $v_suggester_id;//ID nguoi co y kien
	$sql = $sql . ",'" . $v_date."'";
	$sql = $sql . "," . $v_content_id ;
	$sql = $sql . ",'" . $v_filename."'";
	$sql = $sql . ",'" . $v_new_file_id_list."'";
	//echo $sql ; exit;
	$ado_conn->SetFetchMode(ADODB_FETCH_ASSOC);
	$rs = $ado_conn->GetRow($sql); 
	$v_error = _replace_bad_char(trim($rs['RET_ERROR']));
}

if (!is_null($v_error) and $v_error<>""){?>
	<script>
		alert("<?php echo $v_error; ?>");
		if (_MODAL_DIALOG_MODE==1){
			window.location = "<?php echo $v_url; ?>";
		}else{
			window.history.back();
		}	
	</script><?php
	exit;
}
sleep(0);
?>
<form action="index.php" method="post" name="f_back">
	<input type="hidden" name="fuseaction" value="DISPLAY_ALL_IDEA">
	<input type="hidden" name="hdn_item_id" value="<?php echo $v_idea_id;?>">
	<input type="hidden" name="hdn_record_id"  value="<?php echo $v_record_id; ?>">
</form>
<Script language="javascript">
	document.forms(0).submit();
</Script>
